5 Most common types of cyber attacks on small- to medium-sized businesses

The first step to falling for any cyber attack is believing you won’t be attacked. This seems to be the case for small- and medium-sized businesses (SMBs) in Australia, where 19% of 1,023 surveyed SMBs had been attacked — twice as many as their US counterparts, based on a cyber security survey.

And as if neverending cyber attacks on SMBs weren’t problematic enough, they also occur in many different forms. If you’re a business owner and have only begun implementing a cyber security plan, a blanket solution might not even be enough to prepare against all possible threats. Nevertheless, identifying and understanding potential security threats to your network can greatly help. To get you started, we list five of the most common cyber attacks on SMBs:

Malware

Malware is one of the most common cyber attacks and also one of the most effective. It comes in various forms: viruses, spyware, ransomware, and worms, to name but a few. Each malware type works in different ways, but what unites them is the goal of infiltrating computer systems, inflicting damage, and stealing valuable information or money.

Hackers unleash spyware to obtain passwords or plant moles on your computers to get sensitive data such as passwords, or to track your keystrokes, which will then be used to get your credentials. Ransomware, on the other hand, takes your computer hostage and demands a ransom in exchange for its freedom.

Practicing vigilance and installing the right security software are two ways to protect against malware. For businesses, educating your employees and implementing stricter email use policies are simple yet effective ways to protect against malware.

Phishing Scams

The biggest phishing scams usually make headlines because of the large sums of money involved. These often involve big corporations, but that doesn’t mean smaller businesses are spared. Phishing scammers come in all shapes and sizes, and there are scammers that target smaller businesses.

Spear phishing, one of the most widespread cyber attacks in Australia, is a type of phishing that tricks users into downloading infected software or making wire transfers with advertisements and messages that mention things hackers know the target is likely to click on. Since they are often targeted to individuals with the capacity to transfer large sums of money, company executives need to take extra care when dealing with suspicious emails.

Malvertising

Malicious advertising works simply and smartly. One approach involves infecting online advertising networks by inserting a malicious code into a legitimate ad, which gets installed when a user clicks on an ad. Another approach involves using an ad to redirect users to a site where the malicious code will automatically download. The Australian Cyber Security Centre recommends ‘reviewing business requirements for the use of Adobe Flash’ because malvertisement exploits are usually enabled through them.

Denial of Service (DoS)

The goal of a Denial of Service attack is to shut down a website by overwhelming it with traffic. It can be direct or distributed. The latter means an attack simultaneously launched by a number of different computers. What makes a DoS attack so effective is its seemingly innocuous nature; those who are unaware may think that the surge of traffic is simply a result of a sudden popularity of a particular web page.

Filtering traffic, increasing bandwidth, and having a backup and disaster recovery plan with more servers distributed across various data centres are some of the ways you can protect your business against DoS.

Credential Reuse

Creating different usernames and passwords for various websites and applications might seem like a difficult task, but it needs to be done. Hackers work hard at cracking passwords and if you use the same login information for multiple accounts, all it takes is a single password to hack all your applications, programs, or websites.

Businesses can prevent this by implementing policies on creating new strong passwords for every account and changing them periodically. With simple and effective tools like password managers, there’s no reason why your business should fall victim to these attacks.

These are just a few of the most common cyber attacks businesses should watch out for. Cyber criminals come up with new ways to prey on their victims and your business may not have the resources or the time to keep up. Austin Technology takes a proactive approach to detecting potential intrusions on your network. For Network Security solutions, call us now.